ZAP Scanning Report

Generated on Mon, 14 Mar 2022 05:05:25

Summary of Alerts

Risk Level Number of Alerts
High
9
Medium
8
Low
10
Informational
8
False Positives:
0

Alerts

Name Risk Level Number of Instances
Anti-CSRF Tokens Check High 4
Cross Site Scripting (DOM Based) High 1
Cross Site Scripting (Persistent) High 2
Cross Site Scripting (Reflected) High 2
External Redirect High 2
Path Traversal High 3
Remote File Inclusion High 2
SQL Injection High 2
SQL Injection - MsSQL High 4
Absence of Anti-CSRF Tokens Medium 139
Bypassing 403 Medium 4
Content Security Policy (CSP) Header Not Set Medium 238
HTTP Only Site Medium 1
Integer Overflow Error Medium 4
Missing Anti-clickjacking Header Medium 187
Sub Resource Integrity Attribute Missing Medium 1
Web Cache Deception Medium 5
Application Error Disclosure Low 48
Cookie No HttpOnly Flag Low 2
Cookie Slack Detector Low 20
Cookie without SameSite Attribute Low 2
Dangerous JS Functions Low 1
Information Disclosure - Debug Error Messages Low 48
Permissions Policy Header Not Set Low 239
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Low 336
Server Leaks Version Information via "Server" HTTP Response Header Field Low 336
X-Content-Type-Options Header Missing Low 192
Base64 Disclosure Informational 51
Cookie Slack Detector Informational 6
Information Disclosure - Suspicious Comments Informational 2
Modern Web Application Informational 1
Non-Storable Content Informational 328
Storable and Cacheable Content Informational 8
User Agent Fuzzer Informational 84
User Controllable HTML Element Attribute (Potential XSS) Informational 12

Passing Rules

Name Rule Type Threshold Strength
Directory Browsing Active MEDIUM MEDIUM
XSLT Injection Active MEDIUM MEDIUM
Server Side Code Injection Active MEDIUM MEDIUM
Advanced SQL Injection Active MEDIUM MEDIUM
XPath Injection Active MEDIUM MEDIUM
Remote OS Command Injection Active MEDIUM MEDIUM
XML External Entity Attack Active MEDIUM MEDIUM
Expression Language Injection Active MEDIUM MEDIUM
Generic Padding Oracle Active MEDIUM MEDIUM
Source Code Disclosure - Git Active MEDIUM MEDIUM
Source Code Disclosure - SVN Active MEDIUM MEDIUM
SOAP Action Spoofing Active MEDIUM MEDIUM
Source Code Disclosure - File Inclusion Active MEDIUM MEDIUM
SOAP XML Injection Active MEDIUM MEDIUM
Insecure HTTP Method Active MEDIUM MEDIUM
HTTP Parameter Pollution Active MEDIUM MEDIUM
Heartbleed OpenSSL Vulnerability Active MEDIUM MEDIUM
Cross-Domain Misconfiguration Active MEDIUM MEDIUM
Source Code Disclosure - CVE-2012-1823 Active MEDIUM MEDIUM
Buffer Overflow Active MEDIUM MEDIUM
Remote Code Execution - CVE-2012-1823 Active MEDIUM MEDIUM
Format String Error Active MEDIUM MEDIUM
Cloud Metadata Potentially Exposed Active MEDIUM MEDIUM
Source Code Disclosure - /WEB-INF folder Active MEDIUM MEDIUM
HTTPS Content Available via HTTP Active MEDIUM MEDIUM
Remote Code Execution - Shell Shock Active MEDIUM MEDIUM
Relative Path Confusion Active MEDIUM MEDIUM
CRLF Injection Active MEDIUM MEDIUM
Example Active Scan Rule: Denial of Service Active MEDIUM MEDIUM
An example active scan rule which loads data from a file Active MEDIUM MEDIUM
Parameter Tampering Active MEDIUM MEDIUM
Server Side Include Active MEDIUM MEDIUM
GET for POST Active MEDIUM MEDIUM
Session Fixation Active MEDIUM MEDIUM
LDAP Injection Active MEDIUM MEDIUM
Script Active Scan Rules Active MEDIUM MEDIUM
Cross Site Scripting (Persistent) - Prime Active MEDIUM MEDIUM
Cross Site Scripting (Persistent) - Spider Active MEDIUM MEDIUM
SQL Injection - MySQL Active MEDIUM MEDIUM
SQL Injection - Hypersonic SQL Active MEDIUM MEDIUM
SQL Injection - Oracle Active MEDIUM MEDIUM
SQL Injection - PostgreSQL Active MEDIUM MEDIUM
Possible Username Enumeration Active MEDIUM MEDIUM
SQL Injection - SQLite Active MEDIUM MEDIUM
Proxy Disclosure Active MEDIUM MEDIUM
ELMAH Information Leak Active MEDIUM MEDIUM
Trace.axd Information Leak Active MEDIUM MEDIUM
Out of Band XSS Active MEDIUM MEDIUM
.htaccess Information Leak Active MEDIUM MEDIUM
NoSQL Injection - MongoDB Active MEDIUM MEDIUM
.env Information Leak Active MEDIUM MEDIUM
Hidden File Finder Active MEDIUM MEDIUM
JWT Scan Rule Active MEDIUM MEDIUM
CORS Header Active MEDIUM MEDIUM
Active MEDIUM MEDIUM
Spring Actuator Information Leak Active MEDIUM MEDIUM
Log4Shell Active MEDIUM MEDIUM
Exponential Entity Expansion (Billion Laughs Attack) Active MEDIUM MEDIUM
Backup File Disclosure Active MEDIUM MEDIUM
Httpoxy - Proxy Header Misuse Active MEDIUM MEDIUM
Private IP Disclosure Passive MEDIUM -
Session ID in URL Rewrite Passive MEDIUM -
Insecure JSF ViewState Passive MEDIUM -
Vulnerable JS Library Passive MEDIUM -
Java Serialization Object Passive MEDIUM -
Insufficient Site Isolation Against Spectre Vulnerability Passive MEDIUM -
In Page Banner Information Leak Passive MEDIUM -
Charset Mismatch Passive MEDIUM -
Cookie Without Secure Flag Passive MEDIUM -
Re-examine Cache-control Directives Passive MEDIUM -
Cross-Domain JavaScript Source File Inclusion Passive MEDIUM -
Content-Type Header Missing Passive MEDIUM -
Information Disclosure - Sensitive Information in URL Passive MEDIUM -
Information Disclosure - Sensitive Information in HTTP Referrer Header Passive MEDIUM -
HTTP Parameter Override Passive MEDIUM -
Open Redirect Passive MEDIUM -
Cookie Poisoning Passive MEDIUM -
User Controllable Charset Passive MEDIUM -
WSDL File Detection Passive MEDIUM -
Loosely Scoped Cookie Passive MEDIUM -
Viewstate Passive MEDIUM -
Directory Browsing Passive MEDIUM -
Heartbleed OpenSSL Vulnerability (Indicative) Passive MEDIUM -
Strict-Transport-Security Header Passive MEDIUM -
X-Backend-Server Header Information Leak Passive MEDIUM -
Secure Pages Include Mixed Content Passive MEDIUM -
HTTP to HTTPS Insecure Transition in Form Post Passive MEDIUM -
HTTPS to HTTP Insecure Transition in Form Post Passive MEDIUM -
User Controllable JavaScript Event (XSS) Passive MEDIUM -
Big Redirect Detected (Potential Sensitive Information Leak) Passive MEDIUM -
Retrieved from Cache Passive MEDIUM -
X-ChromeLogger-Data (XCOLD) Header Information Leak Passive MEDIUM -
CSP Passive MEDIUM -
X-Debug-Token Information Leak Passive MEDIUM -
Username Hash Found Passive MEDIUM -
X-AspNet-Version Response Header Passive MEDIUM -
PII Disclosure Passive MEDIUM -
Script Passive Scan Rules Passive MEDIUM -
Stats Passive Scan Rule Passive MEDIUM -
Use of SAML Passive MEDIUM -
Example Passive Scan Rule: Denial of Service Passive MEDIUM -
An example passive scan rule which loads data from a file. Passive MEDIUM -
Timestamp Disclosure Passive MEDIUM -
Hash Disclosure Passive MEDIUM -
Cross-Domain Misconfiguration Passive MEDIUM -
Source Code Disclosure Passive MEDIUM -
Image Location and Privacy Scanner Passive MEDIUM -
Weak Authentication Method Passive MEDIUM -
Reverse Tabnabbing Passive MEDIUM -

Sites

https://testasp.vulnweb.com

HTTP Response Code Number of Responses

No Authentication Statistics Found

Parameter Name Type Flags Times Used # Values

http://testasp.vulnweb.com

HTTP Response Code Number of Responses
501 Not Implemented
125
403 Forbidden
151
404 Not Found
1215
405 Method Not Allowed
18
200 OK
2608
400 Bad Request
21
301 Moved Permanently
259
500 Internal Server Error
2458
302 Found
471

No Authentication Statistics Found

Technology Version Categories Implies
DreamWeaver
Editors
IIS
8.5
Web servers
Windows Server
Microsoft ASP.NET
Web frameworks
IIS\;confidence:50
TinyMCE
Rich text editors
Windows Server
Operating systems
Parameter Name Type Flags Times Used # Values

Alert Detail

High
Anti-CSRF Tokens Check
Description
A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence <form name="frmSearch" method="get" action="">
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence <form name="frmSearch" method="get" action="">
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
Instances 4
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Implementation

Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.

Phase: Architecture and Design

Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).

Note that this can be bypassed using XSS.

Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Do not use the GET method for any request that triggers a state change.

Phase: Implementation

Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference http://projects.webappsec.org/Cross-Site-Request-Forgery
http://cwe.mitre.org/data/definitions/352.html
Tags OWASP_2021_A05
WSTG-v42-SESS-05
OWASP_2017_A06
CWE Id 352
WASC Id 9
Plugin Id 20012
High
Cross Site Scripting (DOM Based)
Description
Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.

When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.

There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.

Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.

Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.
URL http://testasp.vulnweb.com/Search.asp?name=abc#<img src="random.gif" onerror=alert(5397)>
Method GET
Parameter
Attack ?name=abc#<img src="random.gif" onerror=alert(5397)>
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 1
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.

Phases: Implementation; Architecture and Design

Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.

For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.

Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.

Phase: Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.

Phase: Implementation

For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.

To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.

Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.
Reference http://projects.webappsec.org/Cross-Site-Scripting
http://cwe.mitre.org/data/definitions/79.html
Tags OWASP_2021_A03
OWASP_2017_A07
CWE Id 79
WASC Id 8
Plugin Id 40026
High
Cross Site Scripting (Persistent)
Description
Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.

When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.

There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.

Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.

Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter tfText
Attack </a><script>alert(1);</script><a>
Evidence
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 17,802 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter tfUName
Attack </a><script>alert(1);</script><a>
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 17,802 bytes.
Instances 2
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.

Phases: Implementation; Architecture and Design

Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.

For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.

Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.

Phase: Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.

Phase: Implementation

For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.

To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.

Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.
Reference http://projects.webappsec.org/Cross-Site-Scripting
http://cwe.mitre.org/data/definitions/79.html
Tags OWASP_2021_A03
WSTG-v42-INPV-02
OWASP_2017_A07
CWE Id 79
WASC Id 8
Plugin Id 40014
High
Cross Site Scripting (Reflected)
Description
Cross-site Scripting (XSS) is an attack technique that involves echoing attacker-supplied code into a user's browser instance. A browser instance can be a standard web browser client, or a browser object embedded in a software product such as the browser within WinAmp, an RSS reader, or an email client. The code itself is usually written in HTML/JavaScript, but may also extend to VBScript, ActiveX, Java, Flash, or any other browser-supported technology.

When an attacker gets a user's browser to execute his/her code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read, modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. Cross-site Scripting attacks essentially compromise the trust relationship between a user and the web site. Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone allowing for system compromise.

There are three types of Cross-site Scripting attacks: non-persistent, persistent and DOM-based.

Non-persistent attacks and DOM-based attacks require a user to either visit a specially crafted link laced with malicious code, or visit a malicious web page containing a web form, which when posted to the vulnerable site, will mount the attack. Using a malicious form will oftentimes take place when the vulnerable resource only accepts HTTP POST requests. In such a case, the form can be submitted automatically, without the victim's knowledge (e.g. by using JavaScript). Upon clicking on the malicious link or submitting the malicious form, the XSS payload will get echoed back and will get interpreted by the user's browser and execute. Another technique to send almost arbitrary requests (GET and POST) is by using an embedded client, such as Adobe Flash.

Persistent attacks occur when the malicious code is submitted to a web site where it's stored for a period of time. Examples of an attacker's favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to interact with any additional site/link (e.g. an attacker site or a malicious link sent via email), just simply view the web page containing the code.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=%22%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E
Method GET
Parameter tfSearch
Attack "><scrIpt>alert(1);</scRipt>
Evidence "><scrIpt>alert(1);</scRipt>
Request Header - size: 396 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter tfText
Attack </a><scrIpt>alert(1);</scRipt><a>
Evidence </a><scrIpt>alert(1);</scRipt><a>
Request Header - size: 409 bytes.
Request Body - size: 80 bytes.
Response Header - size: 178 bytes.
Response Body - size: 16,921 bytes.
Instances 2
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

Examples of libraries and frameworks that make it easier to generate properly encoded output include Microsoft's Anti-XSS library, the OWASP ESAPI Encoding module, and Apache Wicket.

Phases: Implementation; Architecture and Design

Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.

For any data that will be output to another web page, especially any data that was received from external inputs, use the appropriate encoding on all non-alphanumeric characters.

Consult the XSS Prevention Cheat Sheet for more details on the types of encoding and escaping that are needed.

Phase: Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.

Phase: Implementation

For every web page that is generated, use and specify a character encoding such as ISO-8859-1 or UTF-8. When an encoding is not specified, the web browser may choose a different encoding by guessing which encoding is actually being used by the web page. This can cause the web browser to treat certain sequences as special, opening up the client to subtle XSS attacks. See CWE-116 for more mitigations related to encoding/escaping.

To help mitigate XSS attacks against the user's session cookie, set the session cookie to be HttpOnly. In browsers that support the HttpOnly feature (such as more recent versions of Internet Explorer and Firefox), this attribute can prevent the user's session cookie from being accessible to malicious client-side scripts that use document.cookie. This is not a complete solution, since HttpOnly is not supported by all browsers. More importantly, XMLHTTPRequest and other powerful browser technologies provide read access to HTTP headers, including the Set-Cookie header in which the HttpOnly flag is set.

Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

Ensure that you perform input validation at well-defined interfaces within the application. This will help protect the application even if a component is reused or moved elsewhere.
Reference http://projects.webappsec.org/Cross-Site-Scripting
http://cwe.mitre.org/data/definitions/79.html
Tags OWASP_2021_A03
WSTG-v42-INPV-01
OWASP_2017_A07
CWE Id 79
WASC Id 8
Plugin Id 40012
High
External Redirect
Description
URL redirectors represent common functionality employed by web sites to forward an incoming request to an alternate resource. This can be done for a variety of reasons and is often done to allow resources to be moved within the directory structure and to avoid breaking functionality for users that request the resource at its previous location. URL redirectors may also be used to implement load balancing, leveraging abbreviated URLs or recording outgoing links. It is this last implementation which is often used in phishing attacks as described in the example below. URL redirectors do not necessarily represent a direct security vulnerability but can be abused by attackers trying to social engineer victims into believing that they are navigating to a site other than the true destination.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=73982610993231700.owasp.org
Method GET
Parameter RetURL
Attack 73982610993231700.owasp.org
Evidence 73982610993231700.owasp.org
Request Header - size: 407 bytes.
Request Body - size: 0 bytes.
Response Header - size: 225 bytes.
Response Body - size: 148 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=73982610993231700.owasp.org
Method POST
Parameter RetURL
Attack 73982610993231700.owasp.org
Evidence 73982610993231700.owasp.org
Request Header - size: 449 bytes.
Request Body - size: 23 bytes.
Response Header - size: 225 bytes.
Response Body - size: 148 bytes.
Instances 2
Solution
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

Use an allow list of approved URLs or domains to be used for redirection.

Use an intermediate disclaimer page that provides the user with a clear warning that they are leaving your site. Implement a long timeout before the redirect occurs, or force the user to click on the link. Be careful to avoid XSS problems when generating the disclaimer page.

When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.

For example, ID 1 could map to "/login.asp" and ID 2 could map to "http://www.example.com/". Features such as the ESAPI AccessReferenceMap provide this capability.

Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.

Many open redirect problems occur because the programmer assumed that certain inputs could not be modified, such as cookies and hidden form fields.
Reference http://projects.webappsec.org/URL-Redirector-Abuse
http://cwe.mitre.org/data/definitions/601.html
Tags OWASP_2021_A03
WSTG-v42-CLNT-04
OWASP_2017_A01
CWE Id 601
WASC Id 38
Plugin Id 20019
High
Path Traversal
Description
The Path Traversal attack technique allows an attacker access to files, directories, and commands that potentially reside outside the web document root directory. An attacker may manipulate a URL in such a way that the web site will execute or reveal the contents of arbitrary files anywhere on the web server. Any device that exposes an HTTP-based interface is potentially vulnerable to Path Traversal.

Most web sites restrict user access to a specific portion of the file-system, typically called the "web document root" or "CGI root" directory. These directories contain the files intended for user access and the executable necessary to drive web application functionality. To access files or execute commands anywhere on the file-system, Path Traversal attacks will utilize the ability of special-characters sequences.

The most basic Path Traversal attack uses the "../" special-character sequence to alter the resource location requested in the URL. Although most popular web servers will prevent this technique from escaping the web document root, alternate encodings of the "../" sequence may help bypass the security filters. These method variations include valid and invalid Unicode-encoding ("..%u2216" or "..%c0%af") of the forward slash character, backslash characters ("..\") on Windows-based servers, URL encoded characters "%2e%2e%2f"), and double URL encoding ("..%255c") of the backslash character.

Even if the web server properly restricts Path Traversal attempts in the URL path, a web application itself may still be vulnerable due to improper handling of user-supplied input. This is a common problem of web applications that use template mechanisms or load static text from files. In variations of the attack, the original URL parameter value is substituted with the file name of one of the web application's dynamic scripts. Consequently, the results can reveal source code because the file is interpreted as text instead of an executable script. These techniques often employ additional special characters such as the dot (".") to reveal the listing of the current working directory, or "%00" NULL characters in order to bypass rudimentary file extension checks.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=Logout.asp
Method GET
Parameter RetURL
Attack Logout.asp
Evidence
Request Header - size: 390 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=Login.asp
Method POST
Parameter RetURL
Attack Login.asp
Evidence
Request Header - size: 431 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,122 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini
Method GET
Parameter item
Attack ../../../../../../../../../../../../../../../../Windows/system.ini
Evidence [drivers]
Request Header - size: 437 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,180 bytes.
Instances 3
Solution
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

For filenames, use stringent allow lists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses, and exclude directory separators such as "/". Use an allow list of allowable file extensions.

Warning: if you attempt to cleanse your data, then do so that the end result is not in the form that can be dangerous. A sanitizing mechanism can remove characters such as '.' and ';' which may be required for some exploits. An attacker can try to fool the sanitizing mechanism into "cleaning" data into a dangerous form. Suppose the attacker injects a '.' inside a filename (e.g. "sensi.tiveFile") and the sanitizing mechanism removes the character resulting in the valid filename, "sensitiveFile". If the input data are now assumed to be safe, then the file may be compromised.

Inputs should be decoded and canonicalized to the application's current internal representation before being validated. Make sure that your application does not decode the same input twice. Such errors could be used to bypass allow list schemes by introducing dangerous inputs after they have been checked.

Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links.

Run your code using the lowest privileges that are required to accomplish the necessary tasks. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.

Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by your software.

OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows you to specify restrictions on file operations.

This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.
Reference http://projects.webappsec.org/Path-Traversal
http://cwe.mitre.org/data/definitions/22.html
Tags OWASP_2021_A01
WSTG-v42-ATHZ-01
OWASP_2017_A05
CWE Id 22
WASC Id 33
Plugin Id 6
High
Remote File Inclusion
Description
Remote File Include (RFI) is an attack technique used to exploit "dynamic file include" mechanisms in web applications. When web applications take user input (URL, parameter value, etc.) and pass them into file include commands, the web application might be tricked into including remote files with malicious code.

Almost all web application frameworks support file inclusion. File inclusion is mainly used for packaging common code into separate files that are later referenced by main application modules. When a web application references an include file, the code in this file may be executed implicitly or explicitly by calling specific procedures. If the choice of module to load is based on elements from the HTTP request, the web application might be vulnerable to RFI.

An attacker can use RFI for:

* Running malicious code on the server: any code in the included malicious files will be run by the server. If the file include is not executed using some wrapper, code in include files is executed in the context of the server user. This could lead to a complete system compromise.

* Running malicious code on clients: the attacker's malicious code can manipulate the content of the response sent to the client. The attacker can embed malicious code in the response that will be run by the client (for example, JavaScript to steal the client session cookies).

PHP is particularly vulnerable to RFI attacks due to the extensive use of "file includes" in PHP programming and due to default server configurations that increase susceptibility to an RFI attack.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=http%3A%2F%2Fwww.google.com%2F
Method GET
Parameter RetURL
Attack http://www.google.com/
Evidence <title>Google</title>
Request Header - size: 410 bytes.
Request Body - size: 0 bytes.
Response Header - size: 1,245 bytes.
Response Body - size: 111,350 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=http%3A%2F%2Fwww.google.com%2F
Method POST
Parameter RetURL
Attack http://www.google.com/
Evidence <title>Google</title>
Request Header - size: 452 bytes.
Request Body - size: 23 bytes.
Response Header - size: 1,245 bytes.
Response Body - size: 111,335 bytes.
Instances 2
Solution
Phase: Architecture and Design

When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.

For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap provide this capability.

Phases: Architecture and Design; Operation

Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by your software.

OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows you to specify restrictions on file operations.

This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.

Be careful to avoid CWE-243 and other weaknesses related to jails.

For PHP, the interpreter offers restrictions such as open basedir or safe mode which can make it more difficult for an attacker to escape out of the application. Also consider Suhosin, a hardened PHP extension, which includes various options that disable some of the more dangerous PHP features.

Phase: Implementation

Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use an allow list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a deny list). However, deny lists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."

For filenames, use stringent allow lists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use an allow list of allowable file extensions, which will help to avoid CWE-434.

Phases: Architecture and Design; Operation

Store library, include, and utility files outside of the web document root, if possible. Otherwise, store them in a separate directory and use the web server's access control capabilities to prevent attackers from directly requesting them. One common practice is to define a fixed constant in each calling program, then check for the existence of the constant in the library/include file; if the constant does not exist, then the file was directly requested, and it can exit immediately.

This significantly reduces the chance of an attacker being able to bypass any protection mechanisms that are in the base program but not in the include files. It will also reduce your attack surface.

Phases: Architecture and Design; Implementation

Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.

Many file inclusion problems occur because the programmer assumed that certain inputs could not be modified, especially for cookies and URL components.
Reference http://projects.webappsec.org/Remote-File-Inclusion
http://cwe.mitre.org/data/definitions/98.html
Tags OWASP_2021_A03
OWASP_2017_A01
WSTG-v42-INPV-11
CWE Id 98
WASC Id 5
Plugin Id 7
High
SQL Injection
Description
SQL injection may be possible.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter tfUName
Attack ZAP' AND '1'='1' --
Evidence
Request Header - size: 441 bytes.
Request Body - size: 52 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter tfUPass
Attack ZAP' AND '1'='1' --
Evidence
Request Header - size: 441 bytes.
Request Body - size: 52 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
Instances 2
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40018
High
SQL Injection - MsSQL
Description
SQL injection may be possible
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter tfSearch
Attack ZAP) WAITFOR DELAY '0:0:15' --
Evidence
Request Header - size: 389 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter id
Attack 2" WAITFOR DELAY '0:0:15' --
Evidence
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter id
Attack 40 WAITFOR DELAY '0:0:15' --
Evidence
Request Header - size: 391 bytes.
Request Body - size: 0 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter id
Attack 40 WAITFOR DELAY '0:0:15' --
Evidence
Request Header - size: 444 bytes.
Request Body - size: 21 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 4
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the privilege of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40027
Medium
Absence of Anti-CSRF Tokens
Description
No Anti-CSRF tokens were found in a HTML submission form.

A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.

CSRF attacks are effective in a number of situations, including:

* The victim has an active session on the target site.

* The victim is authenticated via HTTP auth on the target site.

* The victim is on the same local network as the target site.

CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence <form action="" method="POST">
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence <form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence <form name="frmSearch" method="get" action="">
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence <form name="frmSearch" method="get" action="">
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence <form name="frmPostMessage" method="post" enctype="application/x-www-form-urlencoded">
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
Instances 139
Solution
Phase: Architecture and Design

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

For example, use anti-CSRF packages such as the OWASP CSRFGuard.

Phase: Implementation

Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.

Phase: Architecture and Design

Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).

Note that this can be bypassed using XSS.

Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.

Note that this can be bypassed using XSS.

Use the ESAPI Session Management control.

This control includes a component for CSRF.

Do not use the GET method for any request that triggers a state change.

Phase: Implementation

Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
Reference http://projects.webappsec.org/Cross-Site-Request-Forgery
http://cwe.mitre.org/data/definitions/352.html
Tags OWASP_2021_A01
WSTG-v42-SESS-05
OWASP_2017_A05
CWE Id 352
WASC Id 9
Plugin Id 10202
Medium
Bypassing 403
Description
Bypassing 403 endpoints may be possible, the scan rule sent a payload that caused the response to be accessible (status code 200).
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack X-Original-URL: /avatars
Evidence
Request Header - size: 251 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,561 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack X-Original-URL: /Images
Evidence
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,561 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack X-Original-URL: /jscripts
Evidence
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,561 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack X-Original-URL: /jscripts/tiny_mce
Evidence
Request Header - size: 261 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,561 bytes.
Instances 4
Solution
Reference https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/
https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
https://www.contextis.com/en/blog/server-technologies-reverse-proxy-bypass
Tags OWASP_2021_A01
WSTG-v42-ATHN-04
OWASP_2017_A05
CWE Id
WASC Id
Plugin Id 40038
Medium
Content Security Policy (CSP) Header Not Set
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 238
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header, to achieve optimal browser support: "Content-Security-Policy" for Chrome 25+, Firefox 23+ and Safari 7+, "X-Content-Security-Policy" for Firefox 4.0+ and Internet Explorer 10+, and "X-WebKit-CSP" for Chrome 14+ and Safari 6+.
Reference https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
http://www.w3.org/TR/CSP/
http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10038
Medium
HTTP Only Site
Description
The site is only served under HTTP and not HTTPS.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 419 bytes.
Request Body - size: 23 bytes.
Response Header - size: 14 bytes.
Response Body - size: 0 bytes.
Instances 1
Solution
Configure your web or application server to use SSL (https).
Reference https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
https://letsencrypt.org/
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 311
WASC Id 4
Plugin Id 10106
Medium
Integer Overflow Error
Description
An integer overflow condition exists when an integer, which has not been properly checked from the input stream is used within a compiled program.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter id
Attack 14015854230104428975476704187582573163087583
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 378 bytes.
Request Body - size: 0 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter id
Attack 42092583479860050530006819860521914811530366
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter item
Attack 12739993682371154771046579610015199110648055
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 381 bytes.
Request Body - size: 0 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter id
Attack 64189414867252997932917917547395480555706927
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 451 bytes.
Request Body - size: 21 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 4
Solution
Rewrite the background program using proper checking of the size of integer being input to prevent overflows and divide by 0 errors. This will require a recompile of the background executable.
Reference http://projects.webappsec.org/w/page/13246946/Integer%20Overflows
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 190
WASC Id 3
Plugin Id 30003
Medium
Missing Anti-clickjacking Header
Description
The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
URL http://testasp.vulnweb.com
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter X-Frame-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 187
Solution
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.

If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Tags OWASP_2021_A05
WSTG-v42-CLNT-09
OWASP_2017_A06
CWE Id 1021
WASC Id 15
Plugin Id 10020
Medium
Sub Resource Integrity Attribute Missing
Description
The integrity attribute is missing on a script or link tag served by an external server. The integrity tag prevents an attacker who have gained access to this server from injecting a malicious content.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence <script src=”http://hackersite.com/authstealer.js”> </script>
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
Instances 1
Solution
Provide a valid integrity attribute to the tag.
Reference https://developer.mozilla.org/en/docs/Web/Security/Subresource_Integrity
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 345
WASC Id 15
Plugin Id 90003
Medium
Web Cache Deception
Description
Web cache deception may be possible. It may be possible for unauthorised user to view sensitive data on this page.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter
Attack /test.css,/test.jpg,/test.js,/test.html,/test.gif,/test.png,/test.svg,/test.php,/test.txt,/test.pdf,/test.asp,
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter
Attack /test.css,/test.jpg,/test.js,/test.html,/test.gif,/test.png,/test.svg,/test.php,/test.txt,/test.pdf,/test.asp,
Evidence
Request Header - size: 323 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter
Attack /test.css,/test.jpg,/test.js,/test.html,/test.gif,/test.png,/test.svg,/test.php,/test.txt,/test.pdf,/test.asp,
Evidence
Request Header - size: 345 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter
Attack /test.css,/test.jpg,/test.js,/test.html,/test.gif,/test.png,/test.svg,/test.php,/test.txt,/test.pdf,/test.asp,
Evidence
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack /test.css,/test.jpg,/test.js,/test.html,/test.gif,/test.png,/test.svg,/test.php,/test.txt,/test.pdf,/test.asp,
Evidence
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 5
Solution
It is strongly advised to refrain from classifying file types, such as images or stylesheets solely by their URL and file extension. Instead you should make sure that files are cached based on their Content-Type header.
Reference https://blogs.akamai.com/2017/03/on-web-cache-deception-attacks.html
https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/web-cache-deception/
Tags OWASP_2021_A05
WSTG-v42-ATHN-06
OWASP_2017_A06
CWE Id
WASC Id
Plugin Id 40039
Low
Application Error Disclosure
Description
This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence HTTP/1.1 500 Internal Server Error
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 48
Solution
Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.
Reference
Tags WSTG-v42-ERRH-02
WSTG-v42-ERRH-01
OWASP_2021_A05
OWASP_2017_A06
CWE Id 200
WASC Id 13
Plugin Id 90022
Low
Cookie No HttpOnly Flag
Description
A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.
URL http://testasp.vulnweb.com
Method GET
Parameter ASPSESSIONIDCQRDQBRC
Attack
Evidence Set-Cookie: ASPSESSIONIDCQRDQBRC
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter ASPSESSIONIDCQRDQBRC
Attack
Evidence Set-Cookie: ASPSESSIONIDCQRDQBRC
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
Instances 2
Solution
Ensure that the HttpOnly flag is set for all cookies.
Reference https://owasp.org/www-community/HttpOnly
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 1004
WASC Id 13
Plugin Id 10010
Low
Cookie Slack Detector
Description
Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.
URL http://testasp.vulnweb.com/%C2%94http:
Method GET
Parameter
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com
Method GET
Parameter
Attack
Evidence
Request Header - size: 362 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter
Attack
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 158 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence
Request Header - size: 346 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/noavatar.gif
Method GET
Parameter
Attack
Evidence
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 950 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter
Attack
Evidence
Request Header - size: 323 bytes.
Request Body - size: 0 bytes.
Response Header - size: 228 bytes.
Response Body - size: 157 bytes.
URL http://testasp.vulnweb.com/Images/logo.gif
Method GET
Parameter
Attack
Evidence
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 4,933 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter
Attack
Evidence
Request Header - size: 345 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 159 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter
Attack
Evidence
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 239 bytes.
Response Body - size: 168 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence
Request Header - size: 335 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 291 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/styles.css
Method GET
Parameter
Attack
Evidence
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 3,390 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence
Request Header - size: 352 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 441 bytes.
Request Body - size: 23 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 20
Solution
Reference http://projects.webappsec.org/Fingerprinting
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90027
Low
Cookie without SameSite Attribute
Description
A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.
URL http://testasp.vulnweb.com
Method GET
Parameter ASPSESSIONIDCQRDQBRC
Attack
Evidence Set-Cookie: ASPSESSIONIDCQRDQBRC
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter ASPSESSIONIDCQRDQBRC
Attack
Evidence Set-Cookie: ASPSESSIONIDCQRDQBRC
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
Instances 2
Solution
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
Reference https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site
Tags OWASP_2021_A01
WSTG-v42-SESS-02
OWASP_2017_A05
CWE Id 1275
WASC Id 13
Plugin Id 10054
Low
Dangerous JS Functions
Description
A dangerous JS function seems to be in use that would leave the site vulnerable.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence eval
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
Instances 1
Solution
See the references for security advice on the use of these functions.
Reference https://angular.io/guide/security
Tags WSTG-v42-CLNT-02
OWASP_2021_A04
CWE Id 749
WASC Id
Plugin Id 10110
Low
Information Disclosure - Debug Error Messages
Description
The response appeared to contain common error messages returned by platforms such as ASP.NET, and Web-servers such as IIS and Apache. You can configure the list of common debug messages.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence Internal server error
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 48
Solution
Disable debugging messages before pushing to production.
Reference
Tags OWASP_2021_A01
WSTG-v42-ERRH-01
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10023
Low
Permissions Policy Header Not Set
Description
Permissions Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Permissions Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 239
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy
https://developers.google.com/web/updates/2018/06/feature-policy
https://scotthelme.co.uk/a-new-security-header-feature-policy/
https://w3c.github.io/webappsec-feature-policy/
https://www.smashingmagazine.com/2018/12/feature-policy/
Tags OWASP_2021_A01
OWASP_2017_A05
CWE Id 693
WASC Id 15
Plugin Id 10063
Low
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
Description
The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/noavatar.gif
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 950 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Images/logo.gif
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 4,933 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/robots.txt
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.
Response Body - size: 13 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/styles.css
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 3,390 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 441 bytes.
Request Body - size: 23 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 439 bytes.
Request Body - size: 23 bytes.
Response Header - size: 210 bytes.
Response Body - size: 133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 23 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 499 bytes.
Request Body - size: 23 bytes.
Response Header - size: 234 bytes.
Response Body - size: 157 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter
Attack
Evidence X-Powered-By: ASP.NET
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 336
Solution
Ensure that your web server, application server, load balancer, etc. is configured to suppress "X-Powered-By" headers.
Reference http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspx
http://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
Tags OWASP_2021_A01
WSTG-v42-INFO-08
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10037
Low
Server Leaks Version Information via "Server" HTTP Response Header Field
Description
The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/noavatar.gif
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 950 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Images/logo.gif
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 4,933 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/robots.txt
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.
Response Body - size: 13 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/styles.css
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 3,390 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 441 bytes.
Request Body - size: 23 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 439 bytes.
Request Body - size: 23 bytes.
Response Header - size: 210 bytes.
Response Body - size: 133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 23 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 499 bytes.
Request Body - size: 23 bytes.
Response Header - size: 234 bytes.
Response Body - size: 157 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter
Attack
Evidence Microsoft-IIS/8.5
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 336
Solution
Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.
Reference http://httpd.apache.org/docs/current/mod/core.html#servertokens
http://msdn.microsoft.com/en-us/library/ff648552.aspx#ht_urlscan_007
http://blogs.msdn.com/b/varunm/archive/2013/04/23/remove-unwanted-http-response-headers.aspx
http://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
Tags OWASP_2021_A05
OWASP_2017_A06
WSTG-v42-INFO-02
CWE Id 200
WASC Id 13
Plugin Id 10036
Low
X-Content-Type-Options Header Missing
Description
The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
URL http://testasp.vulnweb.com
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/avatars/noavatar.gif
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 950 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Images/logo.gif
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 4,933 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/robots.txt
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.
Response Body - size: 13 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/styles.css
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 3,390 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter X-Content-Type-Options
Attack
Evidence
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 192
Solution
Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.

If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
https://owasp.org/www-community/Security_Headers
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10021
Informational
Base64 Disclosure
Description
Base64 encoded data was disclosed by the application/web server. Note: in the interests of performance not all base64 strings in the response were analyzed individually, the entire response should be looked at by the analyst/security team/developer(s).
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence org/TR/xhtml1/DTD/xhtml1-strict
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
Instances 51
Solution
Manually confirm that the Base64 data does not leak sensitive information, and that the data cannot be aggregated/used to exploit other vulnerabilities.
Reference http://projects.webappsec.org/w/page/13246936/Information%20Leakage
Tags OWASP_2021_A04
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10094
Informational
Cookie Slack Detector
Description
Repeated GET requests: drop a different cookie each time, followed by normal request with all cookies to stabilize session, compare responses against original baseline GET. This can reveal areas where cookie based authentication/attributes are not actually enforced.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence
Request Header - size: 279 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence
Request Header - size: 387 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
Instances 6
Solution
Reference http://projects.webappsec.org/Fingerprinting
Tags OWASP_2021_A05
WSTG-v42-SESS-02
OWASP_2017_A06
CWE Id 200
WASC Id 45
Plugin Id 90027
Informational
Information Disclosure - Suspicious Comments
Description
The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence query
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence select
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
Instances 2
Solution
Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference
Tags OWASP_2021_A01
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10027
Informational
Modern Web Application
Description
The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence <a>(.*?)</a>
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
Instances 1
Solution
This is an informational alert and so no changes are required.
Reference
Tags
CWE Id
WASC Id
Plugin Id 10109
Informational
Non-Storable Content
Description
The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.
URL http://testasp.vulnweb.com
Method GET
Parameter
Attack
Evidence private
Request Header - size: 205 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter
Attack
Evidence private
Request Header - size: 206 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter
Attack
Evidence private
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence private
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,198 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence private
Request Header - size: 344 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,196 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence private
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,137 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,132 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence private
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence private
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence private
Request Header - size: 399 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,256 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence private
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,615 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method GET
Parameter
Attack
Evidence private
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,613 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method GET
Parameter
Attack
Evidence private
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,554 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,549 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter
Attack
Evidence private
Request Header - size: 368 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,551 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method GET
Parameter
Attack
Evidence private
Request Header - size: 366 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,550 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method GET
Parameter
Attack
Evidence private
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,673 bytes.
URL http://testasp.vulnweb.com/Search.asp
Method GET
Parameter
Attack
Evidence private
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,809 bytes.
URL http://testasp.vulnweb.com/Search.asp?tfSearch=ZAP
Method GET
Parameter
Attack
Evidence private
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 2,961 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,037 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,101 bytes.
URL http://testasp.vulnweb.com/showforum.asp?id=2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,017 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 14,602 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 5,979 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,140 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,149 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,150 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,151 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,132 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,440 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,502 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,533 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,422 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,471 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,174 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,421 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,374 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,139 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter
Attack
Evidence private
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,491 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,134 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,123 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method GET
Parameter
Attack
Evidence private
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,129 bytes.
URL http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Method GET
Parameter
Attack
Evidence private
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,594 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence private
Request Header - size: 441 bytes.
Request Body - size: 23 bytes.
Response Header - size: 211 bytes.
Response Body - size: 134 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence private
Request Header - size: 439 bytes.
Request Body - size: 23 bytes.
Response Header - size: 210 bytes.
Response Body - size: 133 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 23 bytes.
Response Header - size: 222 bytes.
Response Body - size: 145 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence private
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence private
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence private
Request Header - size: 457 bytes.
Request Body - size: 23 bytes.
Response Header - size: 217 bytes.
Response Body - size: 140 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence private
Request Header - size: 461 bytes.
Request Body - size: 23 bytes.
Response Header - size: 219 bytes.
Response Body - size: 142 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence private
Request Header - size: 459 bytes.
Request Body - size: 23 bytes.
Response Header - size: 218 bytes.
Response Body - size: 141 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence private
Request Header - size: 499 bytes.
Request Body - size: 23 bytes.
Response Header - size: 234 bytes.
Response Body - size: 157 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter
Attack
Evidence private
Request Header - size: 447 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3F
Method POST
Parameter
Attack
Evidence private
Request Header - size: 445 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3DZAP
Method POST
Parameter
Attack
Evidence private
Request Header - size: 473 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence private
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence private
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence private
Request Header - size: 463 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D39
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method POST
Parameter
Attack
Evidence private
Request Header - size: 467 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9
Method POST
Parameter
Attack
Evidence private
Request Header - size: 465 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml
Method POST
Parameter
Attack
Evidence private
Request Header - size: 505 bytes.
Request Body - size: 47 bytes.
Response Header - size: 196 bytes.
Response Body - size: 1,208 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=0
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 178 bytes.
Response Body - size: 13,536 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=1
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,913 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=11
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=13
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=14
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=15
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,074 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=16
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,075 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=17
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=18
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=19
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=2
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=20
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=21
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,069 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=22
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=23
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,084 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=24
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=25
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=26
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,085 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=27
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=28
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,086 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=29
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=3
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=31
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,375 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=32
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,437 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=33
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,468 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=34
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,357 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=35
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,406 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=36
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,109 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=37
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,356 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=39
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,309 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=4
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter
Attack
Evidence private
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,426 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=5
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,064 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=6
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=7
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,068 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=8
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,057 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=9
Method POST
Parameter
Attack
Evidence private
Request Header - size: 407 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,063 bytes.
Instances 328
Solution
The content may be marked as storable by ensuring that the following conditions are satisfied:

The request method must be understood by the cache and defined as being cacheable ("GET", "HEAD", and "POST" are currently defined as cacheable)

The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood)

The "no-store" cache directive must not appear in the request or response header fields

For caching by "shared" caches such as "proxy" caches, the "private" response directive must not appear in the response

For caching by "shared" caches such as "proxy" caches, the "Authorization" header field must not appear in the request, unless the response explicitly allows it (using one of the "must-revalidate", "public", or "s-maxage" Cache-Control response directives)

In addition to the conditions above, at least one of the following conditions must also be satisfied by the response:

It must contain an "Expires" header field

It must contain a "max-age" response directive

For "shared" caches such as "proxy" caches, it must contain a "s-maxage" response directive

It must contain a "Cache Control Extension" that allows it to be cached

It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501).
Reference https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)
Tags WSTG-v42-ATHN-06
CWE Id 524
WASC Id 13
Plugin Id 10049
Informational
Storable and Cacheable Content
Description
The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where "shared" caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.
URL http://testasp.vulnweb.com/%C2%94http:/hackersite.com/authstealer.js%C2%94
Method GET
Parameter
Attack
Evidence
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/0
Method GET
Parameter
Attack
Evidence
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/avatars/noavatar.gif
Method GET
Parameter
Attack
Evidence
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 950 bytes.
URL http://testasp.vulnweb.com/Images/logo.gif
Method GET
Parameter
Attack
Evidence
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 248 bytes.
Response Body - size: 4,933 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce/tiny_mce.js
Method GET
Parameter
Attack
Evidence
Request Header - size: 347 bytes.
Request Body - size: 0 bytes.
Response Header - size: 263 bytes.
Response Body - size: 132,342 bytes.
URL http://testasp.vulnweb.com/robots.txt
Method GET
Parameter
Attack
Evidence
Request Header - size: 216 bytes.
Request Body - size: 0 bytes.
Response Header - size: 245 bytes.
Response Body - size: 13 bytes.
URL http://testasp.vulnweb.com/sitemap.xml
Method GET
Parameter
Attack
Evidence
Request Header - size: 272 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,245 bytes.
URL http://testasp.vulnweb.com/styles.css
Method GET
Parameter
Attack
Evidence
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 247 bytes.
Response Body - size: 3,390 bytes.
Instances 8
Solution
Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:

Cache-Control: no-cache, no-store, must-revalidate, private

Pragma: no-cache

Expires: 0

This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
Reference https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)
Tags WSTG-v42-ATHN-06
CWE Id 524
WASC Id 13
Plugin Id 10049
Informational
User Agent Fuzzer
Description
Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 196 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 196 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 196 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 218 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 229 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 192 bytes.
Request Body - size: 0 bytes.
Response Header - size: 244 bytes.
Response Body - size: 3,559 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 252 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 274 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 248 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 407 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/avatars
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 322 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 391 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Default.asp
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 296 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Images
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 291 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 339 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 350 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 408 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 326 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 326 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 326 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 348 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 359 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/jscripts/tiny_mce
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 322 bytes.
Request Body - size: 0 bytes.
Response Header - size: 160 bytes.
Response Body - size: 1,233 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 470 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Logout.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 375 bytes.
Request Body - size: 0 bytes.
Response Header - size: 178 bytes.
Response Body - size: 10,038 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 359 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 359 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 359 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 381 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 450 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D40
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 355 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,635 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 350 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 361 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 324 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 7,002 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 413 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 413 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 413 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 435 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 446 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 504 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/Login.asp?RetURL=%2FDefault%2Easp%3F
Method POST
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 409 bytes.
Request Body - size: 23 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,485 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Request Header - size: 381 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Request Header - size: 381 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Request Header - size: 381 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Request Header - size: 403 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Request Header - size: 414 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Request Header - size: 472 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=40
Method POST
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Request Header - size: 377 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 8,067 bytes.
Instances 84
Solution
Reference https://owasp.org/wstg
Tags
CWE Id
WASC Id
Plugin Id 10104
Informational
User Controllable HTML Element Attribute (Potential XSS)
Description
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,130 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,135 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,131 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method GET
Parameter id
Attack
Evidence
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 177 bytes.
Response Body - size: 4,138 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=10
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,065 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=12
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,070 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=30
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,066 bytes.
URL http://testasp.vulnweb.com/showthread.asp?id=38
Method POST
Parameter id
Attack
Evidence
Request Header - size: 409 bytes.
Request Body - size: 21 bytes.
Response Header - size: 177 bytes.
Response Body - size: 3,073 bytes.
Instances 12
Solution
Validate all input and sanitize output it before writing to any HTML attributes.
Reference http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute
Tags OWASP_2021_A03
OWASP_2017_A01
CWE Id 20
WASC Id 20
Plugin Id 10031